Re: [PATCH 0/4] index-pack: optionally turn off SHA-1 collision checking
- Date: Tue, 30 Oct 2018 02:49:26 +0000
- From: Geert Jansen <gerardu@xxxxxxxxxx>
- Subject: Re: [PATCH 0/4] index-pack: optionally turn off SHA-1 collision checking
On Sun, Oct 28, 2018 at 10:50:19PM +0000, Ævar Arnfjörð Bjarmason wrote:
> I left the door open for that in the new config option 4/4 implements,
> but I suspect for Geert's purposes this is something he'd prefer to
> turn off in git on clone entirely, i.e. because it may be running on
> some random Amazon's customer's EFS instance, and they won't know
> about this new core.checkCollisions option.
> But maybe I'm wrong about that and Geert is happy to just turn on
> core.checkCollisions=false and use this series instead.
I think that the best user experience would probably be if git were fast by
default without having to give up on (future) security by removing the sha1
collision check. Maybe core.checkCollisons could default to "on" only when
there's no loose objects in the repository? That would give a fast experience
for many common cases (git clone, git init && git fetch) while still doing the
collision check when relevant.
My patch used the --cloning flag as an approximation of "no loose objects".
Maybe a better option would be to check for the non-existence of the [00-ff]
directories under .git/objects.